Requirements verification: Legal challenges in compliance testing

Publication

Publication

Presented at the
2014 2nd IEEE International Conference on Progress in Informatics and Computing, PIC 2014 (May 2014), Shanghai

Compliance is generally understood as the documenting and auditing of evidence deemed sufficient to demonstrate conformance to a rule, a specification, a policy or a law. In this paper, we consider, in the specific context of software development, what are the legal and technical challenges raised by such an understanding of compliance. More specifically, we ask a) what is the nature of this evidence; b) how can sufficiency be defined, and c) how precisely defined is the task of auditing this evidence.